# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  helper :all # include all helpers, all the time

  # See ActionController::RequestForgeryProtection for details
  # Uncomment the :secret if you're not using the cookie session store
  protect_from_forgery # :secret => 'ef7fc9031ef93815a015d3d3b3d571f7'
  
  # See ActionController::Base for details 
  # Uncomment this to filter the contents of submitted sensitive data parameters
  # from your application log (in this case, all fields with names like "password"). 
  # filter_parameter_logging :password
  private
  
  def check_user
    unless session[:user]
        flash[:notice] = 'please login first'
        redirect_to :controller =>:login,:action=>:index
    end
  #  return User.find(session[:user][:id])
 # raise
   # user = User.new(session[:user])
    usernow = User.find_by_name_and_password(session[:user][:name],session[:user][:password])
    unless usernow
        flash[:notice] = 'session error'
        redirect_to :controller =>:login,:action=>:index
    end
      return usernow
  end
end
